<!--Gordana Pejic 191/01-->
<?php
    $uname=$_GET["uname"];

    
    if (isset ($_SESSION['username']) && ($_SESSION['username']==$uname)){
    echo '
    <div id="profile">
        <h2>'.$uname.'\'s Profile</h2><br/>';

    require 'db.php';
    $con=dbConnect('sib');
    $result=mysql_query("SELECT * FROM user WHERE UserName='$uname'", $con);
    $row=mysql_fetch_array($result);
    echo '
    <form action="pages/add_profile.php?uname='.$uname.'" method="post">
    <table>

        <tr>
        <td>First name</td>
        <td><input type="text" name="fname" value="'.$row['FirstName'],'"/></td>
        </tr>
        <tr>
        <td>Last name</td>
        <td><input type="text" name="lname" value="'.$row['LastName'],'"/></td>
        </tr>
        <tr>
        <td>New password</td>
        <td><input type="text" name="pass" value=""/></td>
        </tr>

        <tr>
        <td>Retype new password</td>
        <td><input type="text" name="repass" value=""/></td>
        </tr>

        <tr>
        <td>Email</td>
        <td><input type="text" name="email" value="'.$row['Email'],'"/></td>
        </tr>

        <tr>
        <td>Phone</td>
        <td><input type="text" name="phone" value="'.$row['Phone'],'"/></td>
        </tr>

        <tr>
        <td>Country</td>
        <td><input type="text" name="country" value="'.$row['Country'],'"/></td>
        </tr>

        <tr>
        <td>City</td>
        <td><input type="text" name="city" value="'.$row['City'],'"/></td>
        </tr>
        <tr>
            <td>&nbsp;</td>
            <td align="center"><button type="submit" >Apply changes</button></td>
        <tr>
    </table>
    </form>';

    echo'
    </div>'
    ;

    }
    else header('Location: index.php?err=6');
?>
